Initial config is this.
if ($programname == “cta-frontend-grpc”) then /var/log/cta/cta-frontend-grpc.log
Noticed the rsyslog filter isn’t working, thus tried msg filter below for debug.
template(name=“cta-grpc” type=“string” string=“/var/log/cta/%programname:F,64:2%.log”)
if $msg contains ‘gRPC’ then
{
action(type=“omfile” dynaFile=“cta-grpc”)
stop
}
The log file was created as this
FIELD NOT FOUND.log
Hi Simon,
rsyslog config can be quite tricky, if you share a more complete config example it might be easier to spot what is going wrong.
My immediate thoughts: How are you tagging your log messages in the input?
The rsyslog docs mention that:
programname
the “static” part of the tag, as defined by BSD syslogd. For example, when TAG is “named[12345]”, programname is “named”.
Note that we are re-thinking our present rsyslog integration in CTA. Ideally, in the coming future, we would have the CTA frontend and tapeserver output logs directly into a file in a format that is straight-forward for multiple tools to parse. At present we’re trying to make json work for us.
We’re very interested to hear from you if you have experience on this front or thoughts on the matter.
Cheers,
Richard
Hi Simon,
here is the ticket were we are trying to converge on a more convenient log format for CTA processes: Re-work CTA log line format (#488) · Issues · cta / CTA · GitLab
Cheers,
Julien